From 0e0d31f98913a45afff02b751c0a0ad8619da4fa Mon Sep 17 00:00:00 2001 From: Radoslav Pitonak Date: May 31 2017 10:37:26 +0000 Subject: update for fedora 26 --- diff --git a/Dockerfile b/Dockerfile index 9b08c7f..5ae6cfc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,20 @@ -FROM registry.fedoraproject.org/f25/s2i-base +FROM registry.fedoraproject.org/fedora:26 # Description # This image provides an Apache 2.4 + PHP 7.0 environment for running PHP applications. # Exposed ports: # * 8080 - alternative port for http +# Additional packages +# * git, zip, unzip are needed for composer +# * gettext is needed for `envsubst` command used by scripts +# * findutils for fixing permissions +# * python for cgroup limits helper script LABEL MAINTAINER Rado Pitonak RUN dnf install -y --setopt=tsflags=nodocs php php-opcache && \ + dnf install -y --setopt=tsflags=nodocs httpd && \ + dnf install -y --setopt=tsflags=nodocs git gettext zip unzip findutils python && \ dnf -y clean all ENV PHP_VERSION=7.0 \ @@ -50,6 +57,10 @@ COPY root / EXPOSE 8080 +RUN mkdir -p ${HOME} && \ + useradd -u 1001 -r -g 0 -d ${HOME} -s /sbin/nologin \ + -c "Default user" default + # In order to drop the root user, we have to make some directories world # writeable as OpenShift default security model is to run the container under # random UID. diff --git a/sources b/sources deleted file mode 100644 index e69de29..0000000 --- a/sources +++ /dev/null diff --git a/test/run b/test/run index 75a1ad0..0810179 100755 --- a/test/run +++ b/test/run @@ -26,11 +26,15 @@ cid_file=$($MKTEMP_EXEC -u --suffix=.cid) # Since we built the candidate image locally, we don't want S2I to attempt to pull # it from Docker hub -s2i_args="--pull-policy=never --loglevel=2" +s2i_args="--force-pull=false" # Port the image exposes service to be tested test_port=8080 +info() { + echo -e "\n\e[1m[INFO] $@...\e[0m\n" +} + image_exists() { docker inspect $1 &>/dev/null } @@ -70,11 +74,21 @@ prepare() { git config user.email "build@localhost" && git config user.name "builder" git add -A && git commit -m "Sample commit" popd >/dev/null - run_s2i_build } run_test_application() { - docker run --rm --cidfile=${cid_file} -p ${test_port} ${IMAGE_NAME}-testapp + docker run --user=100001 --rm --cidfile=${cid_file} -p ${test_port} ${IMAGE_NAME}-testapp +} + +cleanup_test_app() { + info "Cleaning up the test application" + if [ -f $cid_file ]; then + if container_exists; then + docker stop $(cat $cid_file) + docker rm $(cat $cid_file) + fi + rm $cid_file + fi } cleanup() { @@ -84,7 +98,7 @@ cleanup() { fi fi if image_exists ${IMAGE_NAME}-testapp; then - docker rmi ${IMAGE_NAME}-testapp + docker rmi -f ${IMAGE_NAME}-testapp fi } @@ -110,11 +124,16 @@ wait_for_cid() { done } -test_usage() { +test_s2i_usage() { echo "Testing 's2i usage'..." s2i usage ${s2i_args} ${IMAGE_NAME} &>/dev/null } +test_docker_run_usage() { + info "Testing 'docker run' usage" + docker run ${IMAGE_NAME} &>/dev/null +} + test_connection() { echo "Testing HTTP connection (http://$(container_ip):$(container_port))" local max_attempts=10 @@ -137,6 +156,18 @@ test_connection() { return $result } +test_application() { + # Verify that the HTTP connection can be established to test application container + run_test_application & + + # Wait for the container to write it's CID file + wait_for_cid + + test_connection + check_result $? + cleanup_test_app +} + # Build the application image twice to ensure the 'save-artifacts' and # 'restore-artifacts' scripts are working properly prepare @@ -144,17 +175,19 @@ run_s2i_build check_result $? # Verify the 'usage' script is working properly -test_usage +test_s2i_usage check_result $? -# Verify that the HTTP connection can be established to test application container -run_test_application & +# Verify the 'usage' script is working properly when running the base image with 'docker run ...' +test_docker_run_usage +check_result $? -# Wait for the container to write its CID file -wait_for_cid +# Test application with default uid +test_application -test_connection -check_result $? +# Test application with random uid +CONTAINER_ARGS="-u 12345" test_application cleanup +info "All tests finished successfully."